Package org.springframework.security.web.savedrequest

Class HttpSessionRequestCache

java.lang.Object

org.springframework.security.web.savedrequest.HttpSessionRequestCache

All Implemented Interfaces:

RequestCache

public class HttpSessionRequestCache
extends Object
implements RequestCache

RequestCache which stores the SavedRequest in the HttpSession. The DefaultSavedRequest class is used as the implementation.

Since:

3.0

Field Summary

Fields

Modifier and Type	Field	Description
protected final org.apache.commons.logging.Log	logger

Constructor Summary

Constructors

Constructor	Description
HttpSessionRequestCache()

Method Summary

Modifier and Type	Method	Description
@Nullable jakarta.servlet.http.HttpServletRequest	getMatchingRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Returns a wrapper around the saved request, if it matches the current request.
@Nullable SavedRequest	getRequest(jakarta.servlet.http.HttpServletRequest currentRequest, jakarta.servlet.http.HttpServletResponse response)	Returns the saved request, leaving it cached.
void	removeRequest(jakarta.servlet.http.HttpServletRequest currentRequest, jakarta.servlet.http.HttpServletResponse response)	Removes the cached request.
void	saveRequest(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)	Stores the current request, provided the configuration properties allow it.
void	setCreateSessionAllowed(boolean createSessionAllowed)	If true, indicates that it is permitted to store the target URL and exception information in a new HttpSession (the default).
void	setMatchingRequestParameterName(String matchingRequestParameterName)	Specify the name of a query parameter that is added to the URL that specifies the request cache should be checked in getMatchingRequest(HttpServletRequest, HttpServletResponse)
void	setRequestMatcher(RequestMatcher requestMatcher)	Allows selective use of saved requests for a subset of requests.
void	setSessionAttrName(String sessionAttrName)	If the sessionAttrName property is set, the request is stored in the session using this attribute name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected final org.apache.commons.logging.Log logger

Constructor Details

HttpSessionRequestCache

public HttpSessionRequestCache()

Method Details

saveRequest

public void saveRequest(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Stores the current request, provided the configuration properties allow it.

Specified by:

saveRequest in interface RequestCache

Parameters:

request - the request to be stored

getRequest

public @Nullable SavedRequest getRequest(jakarta.servlet.http.HttpServletRequest currentRequest,
 jakarta.servlet.http.HttpServletResponse response)

Description copied from interface: RequestCache

Returns the saved request, leaving it cached.

Specified by:

getRequest in interface RequestCache

Parameters:

currentRequest - the current request

Returns:

the saved request which was previously cached, or null if there is none.

removeRequest

public void removeRequest(jakarta.servlet.http.HttpServletRequest currentRequest,
 jakarta.servlet.http.HttpServletResponse response)

Description copied from interface: RequestCache

Removes the cached request.

Specified by:

removeRequest in interface RequestCache

Parameters:

currentRequest - the current request, allowing access to the cache.

getMatchingRequest

public @Nullable jakarta.servlet.http.HttpServletRequest getMatchingRequest(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

Description copied from interface: RequestCache

Returns a wrapper around the saved request, if it matches the current request. The saved request should be removed from the cache.

Specified by:

getMatchingRequest in interface RequestCache

Returns:

the wrapped save request, if it matches the original, or null if there is no cached request or it doesn't match.

setRequestMatcher

public void setRequestMatcher(RequestMatcher requestMatcher)

Allows selective use of saved requests for a subset of requests. By default any request will be cached by the saveRequest method.

If set, only matching requests will be cached.

Parameters:

requestMatcher - a request matching strategy which defines which requests should be cached.

setCreateSessionAllowed

public void setCreateSessionAllowed(boolean createSessionAllowed)

If true, indicates that it is permitted to store the target URL and exception information in a new HttpSession (the default). In situations where you do not wish to unnecessarily create HttpSessions - because the user agent will know the failed URL, such as with BASIC or Digest authentication - you may wish to set this property to false.

setSessionAttrName

public void setSessionAttrName(String sessionAttrName)

If the sessionAttrName property is set, the request is stored in the session using this attribute name. Default is "SPRING_SECURITY_SAVED_REQUEST".

Parameters:

sessionAttrName - a new session attribute name.

Since:

4.2.1

setMatchingRequestParameterName

public void setMatchingRequestParameterName(String matchingRequestParameterName)

Specify the name of a query parameter that is added to the URL that specifies the request cache should be checked in getMatchingRequest(HttpServletRequest, HttpServletResponse)

Parameters:

matchingRequestParameterName - the parameter name that must be in the request for getMatchingRequest(HttpServletRequest, HttpServletResponse) to check the session. Default is "continue".